ECS clusters should have container insights enabled
Default Severity: low
Explanation
Cloudwatch Container Insights provide more metrics and logs for container based applications and micro services.
Possible Impact
Not all metrics and logs may be gathered for containers when Container Insights isn't enabled
Suggested Resolution
Enable Container Insights
Insecure Example
The following example will fail the aws-ecs-enable-container-insight check.
resource "aws_ecs_cluster" "bad_example" {
name = "services-cluster"
}
Secure Example
The following example will pass the aws-ecs-enable-container-insight check.
resource "aws_ecs_cluster" "good_example" {
name = "services-cluster"
setting {
name = "containerInsights"
value = "enabled"
}
}